Well this is a silly question, but perhaps traffic is being passed out, but the responses can't get back in? It's not clear to me how you expected responses to get in without a "keep state" on an outbound rule.
In the OpenBSD implementation, the 'nat' statement implicitly enables 'keep state' behaviour, therefore a separate rule is not required.
--lyndon _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[EMAIL PROTECTED]"
